Secure Handover Using Inter-Access Point Protocol in Wireless LAN


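Abstract

In IEEE 802.11 networks, handover requires repeated authentication and key exchange procedures, which is a major obstacle to providing seamless wireless LAN service. This paper proposes a fast key exchange and authentication method using IEEE 802.11f. In particular, by modifying the 4-way handshake of IEEE 802.11i without departing from the standard, it solves the perfect forward secrecy problem that can arise when pre-authentication is used. The proposed method uses only the context block of IEEE 802.11f and the handshake of IEEE 802.11i, and improves efficiency by not requiring communication with the AAA server during handover.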

Handover in IEEE 802.11 requires repeated authentication and key exchange procedures, which are an obstacle to seamless wireless LAN services. We propose a fast authentication and key exchange mechanism using IEEE 802.11f. In particular, by proposing a modified version of the 4-way handshake of IEEE 802.11i, we solve the perfect forward secrecy problem that arises when pre-authentication is adopted. The scheme can be implemented using only the Context Block of IEEE 802.11f and the 4-way handshake of IEEE 802.11i, without involving interaction with the authentication server or non-standard behavior between access points. Our scheme is applicable to devices that do not support the pre-authentication of IEEE 802.11i, and it can also substitute for pre-authentication when pre-authentication fails.
